Samsung installed a commercial keylogger on brand-new laptops to monitor customer usage, the company admitted after a user exposed the practice in a security newsletter.
The keylogger was discovered by Mohamed Hassan on two Samsung laptops, the R525 and R540, according to his post on the Security Strategies Alert newsletter run by Mich Kabay, CTO of Adaptive Cyber Security Instruments. In a two-part series, Hassan described how he found the keyloggers and how Samsung denied installing them. the South Korean company later admitted the software was there to “monitor the performance of the machine and to find out how it is being used”, according to Hassan.
StarLogger, from a company called de Willebois Consulting, can be downloaded from a number of sites for free. It claims to record every keystroke made on the computer, even on password-protected systems. Completely undetectable, the keylogger starts up when the computer starts up, and sees everything being typed, including email, documents and login credentials. The software periodically emails the collected data and screen captures to a defined email address.
Hassan determined that the software had been installed by Samsung and he cleaned off the software. Shortly after, he bought a Samsung R540 from a different store and found the same StarLogger program in the same location after running a full-system scan during the initial setup. This confirmed his suspicion that Samsung must know about the software on brand-new laptops, wrote Hassan.
“The findings are false-positive proof since I have used the tool that discovered it for six years now and I [have] yet to see it misidentify an item throughout the years,” Hassan wrote.
He called and logged the incident with Samsung Support on March 1. The company initially denied the presence of the keylogger, much “as Sony BMG did six years ago”, Hassan wrote, in reference to Sony’s installing a rootkit on its music CDs, in the autumn of 2005, to monitor computer-user behaviour and limit how the discs were copied. At the time, Mark Russinovich, the developer who found the Sony BMG rootkit, warned, “Consumers don’t have any kind of assurance that other companies are not going to do the same kind of thing [as Sony].”
“How right has Mr Russinovich been,” Hassan wrote.
Samsung tried to lay the blame on Microsoft since “all Samsung did was to manufacture the hardware”, according to Hassan. A support supervisor then confirmed that Samsung knowingly put this software on the laptop to “monitor the performance of the machine and to find out how it is being used”, Hassan discovered.
Samsung wanted to gather usage data without obtaining consent from laptop owners, Hassan concluded. He called it a “déjà vu security incident” and said there were legal, ethical and privacy implications for both businesses and individuals who may purchase and use Samsung laptops. The company could also be liable should the vast amount of information collected through StarLogger fall into the wrong hands, he speculated.
Samsung did not respond to requests for comment.
United Nations body to protect undersea communications cables that are crucial for international trade and…
Weeks after CEO Mark Zuckerberg met with Donald Trump privately at Mar-a-Lago, comes news of…
Protecting American clean energy businesses. Biden administration plans to raise tariffs on certain Chinese products
News fee. Australia looks introduce mandatory charge on social media platforms and search engines to…
Discover the AI skills your business needs, from machine learning to ethics, and learn how…
Apple highlights its UK investment has grown to £18 billion, as CEO Tim Cook meets…